package com.example.springbootshiro.shiro;

import com.example.springbootshiro.entity.ShiroRole;
import com.example.springbootshiro.entity.ShiroUser;
import com.example.springbootshiro.service.ShiroRoleService;
import com.example.springbootshiro.service.ShiroUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class MyRealm extends AuthorizingRealm {

    @Autowired
    private ShiroUserService userService;

    @Autowired
    private ShiroRoleService roleService;

    /**
     * 获取用户角色和权限
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
        //User user = (User) SecurityUtils.getSubject().getPrincipal();
        //这个获取的是doGetAuthenticationInfo方法中返回的 SimpleAuthenticationInfo第一个参数
        ShiroUser user  = (ShiroUser)principal.getPrimaryPrincipal();
        String userName = user.getLoginName();
        System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        // 获取用户角色集
        List<ShiroRole> roleList = roleService.getUserRole(userName);
        Set<String> roleSet = new HashSet<String>();
        for (ShiroRole r : roleList) {
            roleSet.add(r.getRoleName());
        }
        simpleAuthorizationInfo.setRoles(roleSet);

        // 获取用户权限集
        Set<String> permissionSet = new HashSet<String>();
        permissionSet.add("user:add");
        permissionSet.add("user:read");
        simpleAuthorizationInfo.setStringPermissions(permissionSet);
        return simpleAuthorizationInfo;
    }

    /**
     * 登录认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
        // 获取用户输入的用户名和密码
        System.out.println("---------------- 执行 Shiro 凭证认证 ----------------------");
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        String userName = token.getUsername();
        String password = String.valueOf(token.getPassword());
        //String userName = (String) authcToken.getPrincipal();
        //String password = new String((char[]) authcToken.getCredentials());

        // 通过用户名到数据库查询用户信息
        ShiroUser user = userService.getUserByName(userName);
        //当前realm对象的name
        String realmName = getName();

        if (user == null) {
            throw new UnknownAccountException("用户名或密码错误！");
        }
        if (!password.equals(user.getPassWord())) {
            throw new IncorrectCredentialsException("用户名或密码错误！");
        }
        //封装用户信息，构建AuthenticationInfo对象并返回
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, realmName);
        return info;
    }
}
